Equifax said Tuesday that approximately 100,000 Canadian consumers may have had their personal information compromised in the massive cyberattack on the credit data company that was revealed this month.
The credit data company said the information that may have been compromised included names, addresses, social insurance numbers and in some cases credit card numbers. It said an investigation was ongoing.
Continue Reading Below
"We apologize to Canadian consumers who have been impacted by this incident," Lisa Nelson, president and general manager of Equifax Canada, said in a statement.
"We understand it has also been frustrating that Equifax Canada has been unable to provide clarity on who was impacted until the investigation is complete," Nelson said.
Equifax announced on Sept. 7 that a data breach may have compromised the personal information of 143 million Americans and fewer than 400,000 U.K. residents.
Canada's privacy watchdog announced Friday that it was probing the breach.
Equifax has committed to notifying affected consumers in writing as soon as possible. The company said it would be sending mailed notices to Canadians outlining the steps they should take.
It is also offering Canadians whose data was put at risk free credit monitoring and identity theft protection for the next 12 months, a service offered to U.S. residents on the day the cyberattack first was announced.
The company is facing investigations in Canada and the U.S.
At least two proposed class actions have been filed in Canada and many more in the U.S. against Equifax in connection with the data breach.
Equifax has been castigated for how it has handled the breach, which it did not disclose publicly for weeks after it was discovered.
Three Equifax executives sold shares worth a combined $1.8 million just a few days after the company learned of the breach, according to documents filed with securities regulators.
Equifax shares have lost a third of their value since it announced the breach.